in ,

Securityminders’ George Moraetes: Risk Assessment Could Help Evaluate Cloud Providers for FedRAMP Compliance

Securityminders’ George Moraetes: Risk Assessment Could Help Evaluate Cloud Providers for FedRAMP Compliance - top government contractors - best government contracting event
https://executivebiz-media.s3.amazonaws.com/2022/08/19/30/9f/c3/a0/b7/6f/d4/64/Executive-Biz.png

Securityminders’ George Moraetes: Risk Assessment Could Help Evaluate Cloud Providers for FedRAMP Compliance - top government contractors - best government contracting eventGeorge Moraetes, vice president, chief security officer and architect at Securityminders, has said federal agencies should take several measures to evaluate cloud service providers for compliance with the Federal Risk and Authorization Management Program and one of those is through cloud risk assessment.

Moraetes wrote in a guest piece published Thursday on IBM’s Security Intelligence that agencies that aim to move workloads to the cloud should classify data based on sensitivity and type.

“You may also want to perform a security assessment to determine whether a public, private or hybrid cloud solution carries more or less risk than simply hosting the data on-premises,” he noted.

He also called on organizations to develop a security policy in an effort to outline the risks and controls related to a cloud platform and identify applications and data that are suitable and secure enough for cloud migration.

Moraetes noted that CSPs offer cloud platforms through software-as-a-service, infrastructure-as-a-service and platform-as-a-service business models.

“These common cloud services should be evaluated according to the organization’s cloud security policy and risk assessment,” he added.

Agencies should also evaluate CSPs based on authentication protocols, data backup, encryption, data deletion, security procedures and data ownership, Moraetes wrote.

ExecutiveBiz Logo

Sign Up Now! ExecutiveBiz provides you with Daily Updates and News Briefings about Government Cloud

mm

Written by Jane Edwards

is a staff writer at Executive Mosaic, where she writes for ExecutiveBiz about IT modernization, cybersecurity, space procurement and industry leaders’ perspectives on government technology trends.

DynCorp to Help Maintain Aircraft Platforms at Navy's Aviation Warfighting Devt Center - top government contractors - best government contracting event
DynCorp to Help Maintain Aircraft Platforms at Navy’s Aviation Warfighting Devt Center
NASA, Aerojet Rocketdyne Test Main Engine Controller for Orion-SLS Crewed Flight - top government contractors - best government contracting event
NASA, Aerojet Rocketdyne Test Main Engine Controller for Orion-SLS Crewed Flight